The suit comes amid mounting legal claims against Sony over massive data breaches of its PlayStation Network (PSN), the Sony Online Entertainment (SEO) network and the Sony Pictures network . The breaches, first disclosed by Sony in April, resulted in the compromise of account data belonging to close to 100 million users.

In all, more than 12 million active and expired debit and credit cards were compromised in the breaches, including about 5.6 million cards in the U.S.

The breaches have so far led to 55 putative class-action lawsuits being filed against Sony by members of the PSN and SEO network, Zurich said in its lawsuit. Three other lawsuits have been filed against Sony in Canada. In addition, the Attorneys General of several states, the Federal Trade Commission and the the House Subcommittee on Commerce, Manufacturing, and Trade have all said they are investigating the breach, Zurich noted in its complaint.

Sony has said that it expects to spend at least $178 million through March 2012 on breach-related costs.

Sony tendered the complaints and claims to Zurich and has demanded that the insurer defend it against the claims, Zurich said. But the insurer said the commercial general liability insurance policy it has with Sony Computer Entertainment America does not cover damages arising from cyber incidents .

The policy only covers "bodily injury" and "property damage" caused by occurrences other than the kind of cyber attacks Sony experienced, Zurich said.

Zurich also named three other Sony insurers as defendants in its lawsuit. It asked the court to get a clarification from the three companies on what their responsibilities would be in covering Sony's liabilities.

Sony did not immediately respond to a request for comment.

This is not the first time that an insurance company has balked at paying claims resulting from a cyber attack, and it is unlikely to be the last, considering the growing number of companies signing up for such protection.

Last June, the Colorado Casualty Insurance Co. , contended that it wasn't responsible for reimbursing the University of Utah for $3.3 million in costs related to a 2008 data breach caused by a third-party service provider.

In that case, Colorado Casualty offered no reasons for its position, which later resulted in a motion for dismissal by the third-party service provider.